LDAP and Groups.
Ivan Kalik
tnt at kalik.net
Mon Feb 25 17:08:05 CET 2008
DEFAULT Ldap-Group == "Engineering", and then list of reply attributes.
Ivan Kalik
Kalik Informatika ISP
Dana 25/2/2008, "David W Bell" <david at chaoscrypt.com> piše:
>Ok been fiddling some more.
>
>What I need to now do is work out which group a user belongs to based on
>LDAP users and groups.
>
>I am assuming this is in the radius.conf @ the section about groups.
>
>For Example,
>
>This LDAP user.
>
># belld, people, dxi.net
>dn: uid=belld,ou=people,dc=dxi,dc=net
>cn: David Bell
>gidNumber: 100
>givenName: David
>homeDirectory: /home/belld
>loginShell: /bin/bash
>objectClass: top
>objectClass: posixAccount
>objectClass: shadowAccount
>objectClass: inetOrgPerson
>shadowInactive: -1
>shadowMax: 99999
>shadowMin: 0
>shadowWarning: 7
>sn: Bell
>uid: belld
>uidNumber: 1000
>shadowLastChange: 13920
>
>is a member of this LDAP group
>
># Engineering, group, dxi.net
>dn: cn=Engineering,ou=group,dc=dxi,dc=net
>cn: Engineering
>gidNumber: 1000
>member: uid=belld,ou=people,dc=dxi,dc=net
>objectClass: top
>objectClass: posixGroup
>objectClass: groupOfNames
>
>How do I do this, so that I can then have my users file grant
>Cisco-AVPair information based on group membership
>
>Thanks
>
>David
>
>
>
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
More information about the Freeradius-Users
mailing list